• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.17-28
• /
• 2019

6LoWPAN based on IEEE 802.15.4 is a realistic standard platform for various Internet of Things (IoT) applications. To bootstrap the LoWPAN (Low-power Wireless Personal Area Network), each device must perform 6LoWPAN-ND address registration to assign a unique IPv6 address. Without adequate security mechanisms, 6LoWPAN-ND is vulnerable to a variety of security attacks including corrupted node attacks. Several security mechanisms have been proposed as a supplement to the vulnerability, but the vulnerability exists because it relies solely on IEEE 802.15.4 hop-by-hop security. In this paper, we propose and analyze a vulnerability of 6LoWPAN-ND address registration and a new security mechanism suitable for preventing the attack of damaged node. It also shows that the proposed security mechanism is compatible with the Internet Engineering Task Force (IETF) standard and is more efficient than the mechanism proposed in the IETF 6 lo WG.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2002.05d
• /
• pp.675-679
• /
• 2002

지난 1월말 cdma2000 1x EvDo의 상용서비스 개시와, 비슷한 시기인 2월초 주요 Hot-Spot 지역을 중심으로 무선 LAN 서비스의 상용화에 들어서면서 본격적인 패킷 서비스가 시작되었다. 이와 같은 널리 퍼진 인프라를 중심으로 사용자들은 머지 않아 언제 어디서든지 근접한 컴퓨팅 장비를 이용해서 주변 환경을 이용하고 제어하는 pervasive 컴퓨팅 환경에 이르게 될 것이다. 본 논문에서는 이와 같은 컴퓨팅 환경을 위한 lightweight 프로토콜인 BURP(Basic User Registration Protocol)를 통해 멀티미디어 서비스, 고화질 QoS 서비스, 네비게이션 서비스, 파일 출력/인쇄 서비스 등 사용자의 위치에서 사용자에 특정한 서비스 시나리오를 구성하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.592-594
• /
• 2002

Mobile IPv6는 호스트에 이동성을 제공하여주는 Mobile IPv4의 부족한 주소문제를 해결하고자 제안된 차세대 프로토콜이다. 본 논문에서는 Mobile IPv6의 이동노드와 메시지인증을 위한 단방향 공개키 암호화 기법과 비밀키 기법을 제안한다. 제안된 프로토콜은 이동노드의 인증과 메시지 인증을 위하여 공개키 암호화 기법을 최소화하였으며, 또한 전송 메시지를 최소화함으로 해서 이동노드의 부담을 줄이도록 설계하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.298-300
• /
• 2001

VoIP 기술은 사용자 사이에서 call을 설정, 변경, 종료할 수 있는 signaling 프로토콜이 필수적이다. 이러한 점에서 인터넷 프로토콜 네트워크 상에서의 call과 멀티미디어 세션의 실시간 제어를 목적으로 IETF의 MUSIC WG에서 말들어진 새로운 signaling 프로토콜이 SIP(Session Initiation Protocol)이다. 또한, IETF에서 SIP WG이 생겨나면서 이 프로토콜에 대한 연구가 더욱 활발해지고 있다. 본 노문에서는 SIP에 대한 개략적인 내용과 SIP 프로토콜의 기능들을 간략하게 소개하였고, SIP session initiation의 과정과 registration 과정 등의 동작에 대하여 설명하였다. 그리고 User Agent의 기본적인 동작을 설명하고, VOVIDA에서 개발한 SIP의 리눅스용 공개 소스를 통해서 User Agent의 실행되는 과정을 분석하였다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.518-522
• /
• 2003

We propose a new auction protocol scheme that uses the publicly verifiable secret sharing (PVSS) scheme. Unlike the existing scheme where a verifiable encryption scheme is employed when there is a dispute between a bidder and the auctioneer, the proposed scheme essentially removes the potential of a dispute. In addition, it has a robust registration phase and any entities participating in or observing the auction can verify the correctness of the auction process. The manager does not directly chooses the private key for the bidders, but only verifies the correctness between the private key and the public key, thereby improving the security, such as a bid submission of a malicious manager using the private key of a bidder.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.767-770
• /
• 2015

With the deployment of web-based educational game over the internet, the user's registration becomes a critical element. The user is authenticated by the system using username, password, and unique code. However, it cannot be handled properly because the data is transmitted through insecure channel on the network. Hence, security requirement is needed to avoid identity leakage from malicious user. In this paper, we propose a secure communication approach using SSL protocol for an online game. We also describe the security requirements for our approach. In future work, we intend to configure and implement the SSL protocol by enabling HTTPS in web-based online game.

• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.766-769
• /
• 2005

In a ubiquitous environment made up of multiple sensors, most sensors participate in communications with limited battery, and the sensor node isn't able to participate in communications when all the battery is used up. When an existing authentication method is used for the sensor node which has to participate in a long term communication with limited battery, it creates a problem by making the length of network maintenance or sensor node's operation time relatively shorte. Therefore, a network structure where RM (Register Manager) node and AM (Authentication Manager) node are imported to solve the energy consumption problem during a communication process is presented in this thesis. This offers a low power protocol based on safety through a mutual authentication during communications. Through registration and authentication manager nodes, each sensor nodes are ensured of safety and the algorithm of key's generation, encryption/descramble and authentication is processed with faster operation speed. So the amount of electricity used up during the communications between sensor nodes has been evaluated. In case of the amount of electrical usage, an average of $34.783\%$ for the same subnet and 36.855 for communications with two different subnets, are reduced. The proposed method is a protocol which maintains the limited battery for a long time to increase the effectiveness of energy usage in sensor nodes and can also increase the participation rate of communication by sensor nodes.

• Asian Pacific Journal of Cancer Prevention
• /
• v.17 no.2
• /
• pp.863-866
• /
• 2016

Background: Extensive efforts have been made to investigate c-KIT expression in lung cancer specimens and its correlation with clinical outcomes, but the issue remains unresolved. Thus, this study will be conducted to clarify the prognostic value of c-KIT expression in lung cancer patients. Materials and Methods: We will search Pubmed, SCOPUS, and ISI web of sciences with no restriction of language. Studies with any design (except case reports or case series) evaluating correlations of c-KIT expression with survival or outcome in patients with lung cancer will be included. The outcome measures will include all types of survival indexes, including overall survival rate and disease free survival using Kaplan-Meier analysis and hazard ratios. Study selection and data extraction will be performed by two independent researchers. Quality assessment (assessment of risk of bias) and data synthesis will be implemented using Stata software version 11.1. Results: No ethical issues are predicted. These findings will be published in a peer-reviewed journal and presented at national and international conferences. Conclusions: This systematic review protocol is registered in the PROSPERO International Prospective Register of Systematic Reviews, registration number = CRD42015023391.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.511-535
• /
• 2017

Internet banking is one of many services provided by financial institutions that have become very popular with an increasing trend. Due to the increased amount of usage of the service, Internet banking has become a target from adversaries. One of the points that are at risk of an attack is the login process. Therefore, it is necessary to have a security mechanism that can reduce this risk. This research designs and develops a multi-factor authentication protocol, starting from a registration system, which generates authentication factors, to an actual authentication mechanism. These factors can be categorised into two groups: short term and long term. For the authentication protocol, only three messages need to be exchanged between a client and a financial institution's server. Many cryptographic processes are incorporated into the protocol, such as symmetric and asymmetric cryptography, a symmetric key generation process, a method for generating and verifying digital signatures. All of the authentication messages have been proved and analysed by the logic of GNY and the criteria of OWASP-AT-009. Even though there are additional factors of authentication, users do not really feel any extra load on their part, as shown by the satisfactory survey.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.1
• /
• pp.27-34
• /
• 2018

Various messages generated in vehicles are transmitted based on the wireless telecommunication which is a core technology of vehicle to everything (V2X). However, the hackers attack them upon penetration to the system and network to cause the generation of users' inconveniences for vehicular communication. Moreover, huge damage could be occurred in terms of physical and materialistic areas if the users in the vehicles were attacked in the communication environment. Therefore, this study was to design the safe communication protocol using hash tree technique in the V2X environments. Using hash tree technique, processes of issuing certificate and registration and communication protocol were designed, and safety analysis was performed on the attacking technique which is occurred in the existing vehicles. Approximately 62% of decrease in the capacity analysis was found upon comparative analysis of telecommunication processes with the system to issue the certificate which is used in the existing vehicles.